[Bug check/report] UnDocumented call to ntdll.dll!NtAssignProcessToJobObject in msys2.0.dll / cygwin - included in mingit/Git for Windows

Fri, 10 Jan 2025 18:26:52 -0800 

Hello Cygwin list,
I'm part of the Visual Studio team at Microsoft which includes mingit/Git for 
Windows in our product for Git tooling integration (I'm copying a couple of 
folks from my team in this email too). One of our API scanning tools has 
identified msys2.0.dll calling undocumented Windows APIs like 
ntdll.dll!NtAssignProcessToJobObject:

  *   In cygwin - 
https://github.com/search?q=repo%3Acygwin%2Fcygwin+NtAssignProcessToJobObject&type=code
 with a caller: cygwin/winsup/cygwin/resource.cc at 
21a2c9db6952954608cdf92638b411b15e7606c6 * 
cygwin/cygwin<https://github.com/cygwin/cygwin/blob/21a2c9db6952954608cdf92638b411b15e7606c6/winsup/cygwin/resource.cc#L246>
     *   Looks like it was introduced ~3 years ago: 
https://github.com/cygwin/cygwin/commit/1c7384f9d1b692c8b58af4db8c81d2ce0b10ad06#diff-bc84d57ac99958a694cb56b977bac1360e35040f9aa421972702219e11055ae8R290
     *   The code indicates to have come from 
oneTBB/test/tbbmalloc/test_malloc_compliance.cpp at 
bd291eb0d1c7f802ca5081a8755562ab786db2a2 * 
uxlfoundation/oneTBB<https://github.com/uxlfoundation/oneTBB/blob/bd291eb0d1c7f802ca5081a8755562ab786db2a2/test/tbbmalloc/test_malloc_compliance.cpp#L56-L78>,
 though in that case the usage is of the documented API instead.

We believe the above call should get replaced by the following documented API - 
AssignProcessToJobObject function (jobapi2.h) - Win32 apps | Microsoft 
Learn<https://learn.microsoft.com/en-us/windows/win32/api/jobapi2/nf-jobapi2-assignprocesstojobobject>

Are you aware of this undocumented API call or a reason to not attempt updating 
them to documented ones?

The scan identified a few others like:

  *   NtOpenJobObject
  *   NtCreateJobObject
  *   NtOpenMutant - we're not sure yet of the documented call for this one.
  *   NtQueryInformationJobObject
  *   NtSetInformationJobObject
We need to further investigate as the documented calls may not be identical.

I would appreciate any thoughts/feedback or pointing us on the right direction. 
My team would be looking into proposing a change if the above sounds reasonable 
to this list.
Thanks,
Veronica


-- 
Problem reports:      https://cygwin.com/problems.html
FAQ:                  https://cygwin.com/faq/
Documentation:        https://cygwin.com/docs.html
Unsubscribe info:     https://cygwin.com/ml/#unsubscribe-simple

Reply via email to